2.5 Security and Reliability
3.3.5 Non-Deterministic Consensus
As stated in Section 3.3.2, and in accordance with the impossibility of consensus, this thesis uses a non-deterministic consensus approach. To achieve this form of consensus, the usual consensus properties must be weakened, replacing the deterministic termination property with a probabilistic one. The resulting consensus properties are the following:
• Validity — If every sensor proposes the same value x, then every correct sensor that decides, decides the value x;
• Agreement — No two correct sensors decide differently;
• Termination — Every correct sensor eventually decides, with probability p = 1.
The non-deterministic consensus algorithms presented next are based on coin-tossing cryptographic schemes.
3.3.5.1 Coin Tossing Protocols
The main idea of coin-tossing cryptographic schemes is to agree on and deliver a binary value, 0 or 1 (or an array of such values), according to a given probability distribution [81].
The security guarantees given by these algorithms depend on the considered adversary: an adversary that has access to previous coin-toss outcomes is able to compute the values to come.
These protocols fall mainly into one of two classes: Local Coin-toss Protocols (LCP) and Shared Coin-toss Protocols (SCP). LCP protocols ([82,83]) are computationally lighter (they use symmetric cryptography) but are expected to terminate in an exponential number of execution rounds; SCP protocols ([84,85]), on the other hand, are computationally heavier (they use asymmetric cryptography) but are expected to terminate in a constant number of execution rounds.
Since LCP and SCP are opposites in their mode of operation, a trade-off between them must be found. This trade-off was assessed experimentally, but only over conventional networks (of computers) and over mobile ad-hoc networks of devices such as PDAs [86,87].
These algorithms are designed only for the binary consensus problem; however, for some applications (such as ours) this may not be sufficient, as they may need to reach consensus over a complex (non-binary) value or over a set of such values. In the next sections (3.3.5.2 and 3.3.5.3), two protocol stacks are presented that solve this problem of the non-
Figure 3.1: RITAS protocols stack
3.3.5.2 RITAS Stack
RITAS (Randomized Intrusion-Tolerant Asynchronous Services) [88] is a stack of asynchronous protocols that uses randomized protocols to solve the multi-valued (or set) consensus problem. This implementation shows that randomized protocols (such as LCP and SCP) are efficient at solving distributed consensus over LANs and WANs.
In the stack (represented in Figure 3.1), the TCP layer guarantees reliability and the IPSec layer guarantees the integrity of the transmitted data. The layers between TCP and the Application are intended to solve the consensus problem, with optimal resilience to f = (N − 1)/3 processes with Byzantine failures. The binary consensus layer uses a randomized protocol based on LCP (developed by Bracha [83], as referred to in Section 3.3.5.1).
3.3.5.3 Turquois
Turquois [89] is a binary consensus protocol specifically designed for wireless ad-hoc networks; it assumes that nodes are subject to transitory disconnection (because of unreliable communications) and to permanent corruption by a malicious entity.
Turquois is designed for resource-constrained devices and thus maximises the efficiency of consensus by making rational use of the resources provided by the environment, while aiming for optimal resilience parameters. In particular, since the network provides a natural broadcast medium, the cost of transmitting a message to multiple nodes can be the same as sending it to a single one (assuming they are all within communication range). This property can have a profound impact on performance.
The model proposed by Turquois derives from the one introduced by Santoro & Widmayer (3.3.2). This means that the model assumes that any communication from one node to another can be faulty at a given moment and correct at another. As a result, any broadcast message may be delivered non-uniformly by the intended recipients (some may deliver it while others may not). Under particularly harsh conditions (for example, during a jamming attack), all messages may be lost for a certain period of time.
Turquois' model assumes a set of n ad-hoc nodes and tolerates a subset of f nodes compromised by a malicious adversary (possibly with Byzantine behaviour), where f < n/3. All communications from those f nodes may be lost or discarded. Additionally, dynamic omission transmission faults can exist, affecting the communications between correct nodes.
This protocol is based on LCP (3.3.5.1), as it is designed for resource-constrained devices.
Turquois' evaluation results are promising when compared with those of other available solutions. The key to its performance is the assumption of unreliable communications, while allowing the protocol to take full advantage of the broadcast medium. Furthermore, the protocol avoids the use of public-key cryptography during its operation, in order to preserve the limited computational power of the nodes.
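To make the consensus properties of Section 3.3.5 and the LCP approach of Section 3.3.5.1 concrete under a Turquois-like fault model (f Byzantine nodes, dynamic omission faults on every link, nodes retransmitting over an unreliable medium), the following simulation is an added example; it is not code from this thesis, nor from RITAS or Turquois. It assumes a simplified Ben-Or-style local-coin binary consensus (the page does not say which LCP variant is used), whose thresholds require n > 5f rather than the optimal f < n/3 that Bracha [83] and Turquois reach with additional mechanisms left out here. The names (`Simulation`, `run_consensus`), the per-link `loss` probability, the tick-based network and the constructed inputs (7 nodes, node 6 Byzantine) are choices of the example, not of the page.

```python
"""Local-coin randomized binary consensus over an unreliable broadcast medium.
Added example; not the thesis' code, nor RITAS' or Turquois'.  Assumptions:
  * simplified Ben-Or-style protocol (the page names no LCP variant); its
    thresholds need n > 5f, while Bracha [83] and Turquois reach f < n/3
    with extra mechanisms (reliable broadcast, validation) omitted here;
  * every link drops each transmission with probability `loss` per tick
    (dynamic omission faults); correct nodes retransmit until delivery,
    a Byzantine node's dropped message is gone for good;
  * Byzantine nodes see each correct node's state and send it a random
    message for every phase it enters (a different one per recipient).
"""
import random
from collections import Counter, defaultdict


class Node:
    def __init__(self, pid, proposal):
        self.pid = pid
        self.x = proposal                 # current estimate, 0 or 1
        self.round, self.phase = 0, 1     # phase 1: proposal; 2: 'D'/'?'
        self.decided = None
        self.inbox = defaultdict(dict)    # (phase, round) -> {sender: value}


class Simulation:
    def __init__(self, proposals, byzantine, loss, seed):
        self.n, self.f = len(proposals), len(byzantine)
        assert 3 * self.f < self.n, "fault model requires f < n/3"
        assert 5 * self.f < self.n, "simplified thresholds require n > 5f"
        self.byz, self.loss, self.rng = set(byzantine), loss, random.Random(seed)
        self.nodes = {p: Node(p, v) for p, v in enumerate(proposals)
                      if p not in self.byz}
        self.pending = []                 # (recipient, sender, key, value)
        self.ticks = 0

    def enter_phase(self, node, value):
        """Broadcast `value` for the node's current (phase, round)."""
        key = (node.phase, node.round)
        node.inbox[key][node.pid] = value             # own copy, no network
        for rcpt in self.nodes:
            if rcpt != node.pid:
                self.pending.append((rcpt, node.pid, key, value))
        for b in self.byz:                            # adversary's random message
            bad = self.rng.choice([0, 1] if node.phase == 1 else [0, 1, None])
            self.pending.append((node.pid, b, key, bad))

    def deliver(self):
        """One network tick: every in-flight copy is lost with prob. `loss`."""
        still_pending = []
        for msg in self.pending:
            rcpt, sender, key, value = msg
            if self.rng.random() < self.loss:
                if sender not in self.byz:
                    still_pending.append(msg)     # correct sender retransmits
                continue
            self.nodes[rcpt].inbox[key].setdefault(sender, value)
        self.pending = still_pending

    def step(self, node):
        """Advance a node once it holds n - f messages for its current phase."""
        n, f = self.n, self.f
        msgs = node.inbox[(node.phase, node.round)]
        if len(msgs) < n - f:
            return
        if node.phase == 1:
            v, c = Counter(msgs.values()).most_common(1)[0]
            node.phase = 2                 # D(v) only if more than (n+f)/2 said v
            self.enter_phase(node, v if 2 * c > n + f else None)
            return
        d_msgs = Counter(val for val in msgs.values() if val is not None)
        v, c = d_msgs.most_common(1)[0] if d_msgs else (None, 0)
        if 2 * c > n + f:                  # strong majority of D(v): decide
            if node.decided is None:
                node.decided = v
            node.x = v
        elif c >= f + 1:                   # some correct node sent D(v): adopt
            node.x = v
        elif node.decided is None:
            node.x = self.rng.randrange(2)  # local coin toss
        node.round, node.phase = node.round + 1, 1
        self.enter_phase(node, node.x)     # decided nodes keep helping others

    def run(self, max_ticks=20000):
        for node in self.nodes.values():
            self.enter_phase(node, node.x)
        while (self.ticks < max_ticks
               and any(nd.decided is None for nd in self.nodes.values())):
            self.ticks += 1
            self.deliver()
            for node in self.nodes.values():
                self.step(node)
        decisions = {p: nd.decided for p, nd in self.nodes.items()}
        return decisions, self.ticks, max(nd.round for nd in self.nodes.values())


def run_consensus(proposals, byzantine, loss=0.3, seed=0):
    """Return ({correct pid: decision}, ticks used, highest round reached)."""
    return Simulation(proposals, byzantine, loss, seed).run()
```

Calling `run_consensus([1, 1, 1, 1, 1, 1, 1], byzantine=[6])` shows Validity: whatever the adversary and the losses do, every correct node collects at least five correct proposals of 1 among its n − f = 6 messages and decides 1 in the first round. Calling it with a split proposal such as `[0, 1, 0, 1, 0, 1, 0]` shows Agreement and probabilistic Termination: the correct nodes keep tossing local coins until a round happens to start with a common estimate, so the number of rounds is random (and, as Section 3.3.5.1 notes for LCP, exponential in the worst case), but the decision is always unanimous. Lowering `loss` or raising it towards 1 shows the effect of the transitory disconnections of the Turquois model on the number of ticks, not on safety.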
3.3.6 Critical Analysis
WSNs have an asynchronous communication model and resource-constrained devices, and are subject to intrusions or Byzantine faults. A consensus solution for such networks must therefore adapt to these characteristics. Non-deterministic, intrusion-tolerant consensus solutions are the most adequate for this problem; RITAS and Turquois were the solutions analysed (3.3.5.2 and 3.3.5.3).
The RITAS protocol stack assumes the presence of the TCP protocol; however, TCP is not practical for WSNs because of their communication characteristics (both in terms of reliability and of the communication medium).
Turquois is the protocol that best suits WSN characteristics. It assumes unreliable communications and pays particular attention to the resource-constrained devices and the resulting performance. While aiming for optimal resilience parameters, Turquois outperforms other protocols particularly as the number of processes in the system increases. For a possibly large-scale network such as a WSN, Turquois is therefore the protocol chosen for binary consensus.
4 System Overview
This chapter presents an overview of the system, placing the previous contributions in context.
4.1 System Model
The presented secure routing service was developed with large-scale networks in mind, from dozens to thousands of nodes (as a reference, consider from 1000 to 10000 nodes). These nodes are randomly deployed in large geographic areas without any kind of supervision and are subjected to all kinds of adversities from the environment. Furthermore, we assume that sensor nodes have very limited mobility after their initial deployment; we believe this is the commonest case in these networks. However, the network set-up process may be rerun periodically in order to accommodate changes in the network (such as changes in topology due to faults or limited mobility).
Routing is based on a multi-hop philosophy, where data is disseminated from the sensor nodes to special aggregation nodes called Base Stations (BSs). These aggregation nodes have special processing, storage, energy and communication capabilities; the special communication capabilities mean that BSs are connected among themselves by a dedicated and more powerful network (such as IEEE 802.11 or IEEE 802.3 Ethernet) supporting the TCP/IP stack (this can be viewed as an overlay network). Base Stations are also connected to the data management software that provides the captured data to the developed applications.
protocol in ad-hoc mode with (possibly) intermittent connectivity conditions. The network is thereby a graph that must ensure (after the self-organisation process) connectivity and coverage to all nodes, so that every one of them can communicate with the Base Stations.
The operation of the WSN assumes that communications are asynchronous and unreliable (but with a best-effort delivery service).